Skip to content

Chi Tran

Security Research | Writeups | My words are my own

  • Home
  • About Me
  • Contact

Pwning the Facebook Portal

Posted on January 20, 2022January 20, 2022 by Chi Tran

Overview Back in November, 2021, my friend and I were trying to make an attempt…

Read More

Python Deserialization on Integrated AWS DDB Flask App

Posted on December 19, 2021 by Chi Tran

Cách đây vài hôm mình có gặp một challenge hay ho khi làm Bug Bounty…

Read More

[English] How I faked tons of COVID passes — “Weak Key Cryptography in real world”

Posted on September 29, 2021October 1, 2021 by Chi Tran

I. SUMMARY Hanoi Police Department was using a QR generation system to provide COVID passes…

Read More

[Tiếng Việt] Tôi đã fake hơn 250k giấy đi đường như thế nào — “Weak Key Cryptography in real world”

Posted on September 17, 2021October 1, 2021 by Chi Tran

I. TÓM TẮT Hệ thống cấp giấy đi đường mà Công An Thành Phố Hà…

Read More

Protected:

Posted on September 17, 2021November 6, 2021 by Chi Tran

There is no excerpt because this is a protected post.

Read More

[ZDI-21-977] D-Link DAP-2020 webproc Stack-based BOF RCE

Posted on August 21, 2021August 22, 2021 by Chi Tran

I. OVERVIEW Discoverer: Chi Tran & phieulang93 & chung96vn Vendor & Product: D-Link Version: DAP-2020…

Read More

[ZDI-21-203] D-Link DAP-2020 webproc getpage Stack-based BOF RCE

Posted on February 26, 2021August 21, 2021 by Chi Tran

I. OVERVIEW Discoverer: Chi Tran & phieulang93 & chung96vn Vendor & Product: D-Link Version: DAP-2020…

Read More

[CVE-2020-8962] D-LINK DIR-842 Stack-based Buffer-overflow

Posted on February 12, 2020August 30, 2020 by Chi Tran

I. OVERVIEW Discoverer: Chi Tran Vendor & Product: D-Link Version: DIR-842_REVC_RELEASE_NOTES_v3.13B09_HOTFIX CVE Reference: CVE-2020-8962 II….

Read More

PortSwigger – Top 10 web hacking techniques of 2019 – nominations open

Posted on January 27, 2020 by Chi Tran

Author: James Kettle – @albinowax Update: Nominations are now closed – cast your vote here Nominations for…

Read More

[CVE-2020-7237] Remote Code Execution in Cacti RRDTool

Posted on January 25, 2020 by Chi Tran

I. OVERVIEW Discoverer: Chi Tran Vendor & Product: Cacti | Network Monitoring Tool Version: 1.2.8…

Read More
1 2 3 … 5 Next »

Categories

  • Bug Hunting
  • Cases Study
  • CTF
  • Hack The Box
  • OSCP
  • Penetration Testing Guides
  • Root-me
  • Security Cheat Sheets (@PENTESTMONKEY)
  • Security Research
  • Tools

Archives

  • January 2022
  • December 2021
  • September 2021
  • August 2021
  • February 2021
  • February 2020
  • January 2020
  • June 2019
  • May 2019
  • March 2019
  • February 2019
  • December 2018
© Chi Tran | Security Research
Proudly powered by WordPress | Theme: Bloge by Canyon Themes.